ACX, EX, MX, PTX, QFX, NFX, SRX, VRR, vMX, vSRX

Junos Software Service Release version 20.2R2-S1 is now available for download from the Junos software download site
Download Junos Software Service Release:

1. Go to Junos Platforms - Download Software page
2. Input your product in the "Find a Product" search box
3. From the Type/OS drop-down menu, select Junos SR
4. From the Version drop-down menu, select your version
5. Click the Software tab
6. Select the Install Package as need and follow the prompts

Junos Software service Release version 20.2R2-S1 is now available.

20.2R2-S1 - List of Fixed issues

PR Number	Synopsis	Category: Marvell based EX PFE L2
1520351	On the EX4600 and EX4300 Virtual Chassis or Virtual Chassis Fabric, the VSTP configurations device goes unreachable and becomes nonresponsive after commit. Product-Group=junos	On QFX5100 or EX4600 in mix-VC (Virtual Chassis) scenario when the QFX5100/EX4600 uses "PHY" port as VCP (Virtual Chassis Port) port, the VC system might get hanged and unreachable after committing the VSTP (VLAN Spanning Tree Protocol) configurations.
PR Number	Synopsis	Category: EX2300/3400 platform
1539293	On the EX3400 and EX2300 switches, the upgrade fails due to the lack of available storage. Product-Group=junos	On EX3400 and EX2300 devices, in spite of storage cleanup and and snapshot deletion through CLI commands, upgrade sometimes fails due to lack of storage space. This happens due to an increase in package size and due to logs accumulated over several upgrades and reboots.
PR Number	Synopsis	Category: ACX L3 IPv4, IPv6 support
1508534	ACX may stop forwarding transit and control traffic Product-Group=junos	The ACX500, ACX1000, ACX1100, ACX2100, ACX2200, and ACX4000 platform may stop forwarding transit and control traffic due to DMA stuck issue with SDK.
PR Number	Synopsis	Category: BBE Layer-2 Bitstream Access
1551207	PPPoE subscribers login failure may happen Product-Group=junos	In Broadband Network Gateway (BNG) scenario where Layer-2 Bitstream Access (L2BSA) and PPPoE subscribers are working on the same interface/VLAN, PPPoE subscribers login may get stuck in a pending state, if the IN-FLIGHT flag of L2BSA is not cleared after its Port-Up packet is rejected by RADIUS, and during this process, another Port-Up for the same access-loop arrives.
PR Number	Synopsis	Category: MX Platform SW - UI management
1537194	Chassisd memory leak may happen Product-Group=junos	Multiple configuration commits may cause memory leak in chassisd.
PR Number	Synopsis	Category: Firewall Policy
1546120	Traffic might be dropped unexpectedly when the url-category match condition is used on a security policy Product-Group=junos	An issue was discovered within Unified Policies that affected the url-category match condition that can cause it to "over-match" and apply to more traffic than it should. This can result in the SRX dropping traffic that would otherwise be permitted
PR Number	Synopsis	Category: vMX Data Plane Issues
1544856	The riot forwarding daemon crash might be observed on vMX based platforms configured with IRB interface Product-Group=junos	On vMX based platforms enabled with IRB interface, the riot forwarding daemon crash might be observed which could lead to traffic loss.
PR Number	Synopsis	Category: Interface related issues. Port up/down, stats, CMLC , serdes
1538340	Interfaces are not created after channel-speed 10g is applied across ports 48 to 53 on QFX5100-48T Product-Group=junos	After channelizing port 48 through 53 and channel speed, the interfaces are down on QFX5100-48T platform. This issue causes interfaces are deleted and traffic might be dropped.
PR Number	Synopsis	Category: DHCP related Issues
1551710	[EMC CNTR] DHCP V6 is not working for qfx5110-48s-4c Product-Group=junos	DHCPv6 traffic received over vtep will not be forwarded out of the device post decap. QFX5k devices (RIOT devices) will copy the packets to CPU and it won't be reinjected from PFE hostpath due to this issue.
PR Number	Synopsis	Category: VNID L2-forwarding on Trio
1517591	no-arp-suppression is required for MAC learning across the EVPN domain on the static VTEP. Product-Group=junos	O On MX Series platform, with Ethernet VPN and Virtual Extensible LANs (EVPN-VXLAN) implemented, the Address Resolution Protocol (ARP) requests received on VXLAN tunnel endpoint (VTEP) might not forward to customer edge (CE) side or proxy ARP role on VTEP might not work properly. This issue might occur when the 'no-arp-suppression' configuration statement is disabled under EVPN instance combined with static VXLAN implementation. Please refer to the workaround provided when this issue hit.
PR Number	Synopsis	Category: VSRX platform software
1524243	The control link might be broken when there is excessive traffic load on the control link in vSRX cluster deployment. Product-Group=junosvae	In the vSRX2.0 cluster running on KVM, when there is excessive traffic load on the control link (em0 link), the error message kernel: em0: watchdog timeout on queue 0 might be shown in the syslog. This interruption might cause the cluster control link to fail and dynamic routing protocols not to work properly.
1551419	Config integrity mismatch error in vSRX3.0 running on Azure with key-vault integrated Product-Group=junos	On vSRX3.0 running on Azure and with HSM(key-vault) integrated, config hash mismatch failure will be observed on 'commit check' operation followed by 'commit' operation. System software halt might be triggered as a result.

 

---

20.2R2-S1 - List of Known issues

PR Number	Synopsis	Category: EX2300 Hardware
1369924	EX2300 - Watchdog reset is shown as Swizzle Product-Group=junos	On EX2300, when watchdog is induced, the last reboot reason is shown as Swizzle Reboot.
1463583	EX2300-48MP-VC Rebooting randomly Product-Group=junos	EX2300-48MP-VC Rebooting randomly. There is no any core getting generated, its rebooting silently and randomly. There are no any syslogs, console logs getting generated before reboot. Reboot reason is showing as normal reboot.
PR Number	Synopsis	Category: EX4300 VC implementation
1526493	EX4300-48MP device might go out of service during a software upgrade operation Product-Group=junos	On EX4300-48MP platform, when a software upgrade operation is issued, the storage available for the Junos virtual Machine(VM), at the hypervisor level, can fall low. This can result in the Junos VM going into a hung or paused state. A reboot of the device is required to restore service on the device.
PR Number	Synopsis	Category: EX2300/3400 PFE
1543181	Slaac-Snoopd child process core is observed upon Multiple Switchovers on RE Product-Group=junos	Slaac-Snoopd core in the child process of slaac-snoopd daemon is seen when Old Master transition to Master happens again. It means when RE has undergone 2 switchovers starting from Mastership role and again regaining the Mastership role after second switchover, slaac-snoopd core in the child process of slaac-snoopd daemon is observed. However it was observed that the core has no impact on base functionality of slaac-snoopd daemon.
PR Number	Synopsis	Category: QFX L3 data-plane/forwarding
1529240	[evpn_vxlan] [default_switch_instance] PFE error message seen on qfx5120-48y: BRCM-VIRTUAL,brcm_vxlan_riot_destroy_nh(),1494:Failed to delete egr_if(400138) err-Operation still running Product-Group=junos	Sometimes when we perform "deactivate protocols bgp" on the QFX5k RIOT devices, we may see "BRCM-VIRTUAL,brcm_vxlan_riot_destroy_nh(),1494:Failed to delete egr_if(400138) err-Operation still running" error messages during arp_ndp clean up stage and these are harmless.
PR Number	Synopsis	Category: MX Layer 2 Forwarding Module
1546631	MAC learning issue might happen when EVPN-VXLAN is enabled Product-Group=junos	On MX platform, with Ethernet VPN and Virtual Extensible LANs (EVPN-VXLAN) implemented, Address Resolution Protocol (ARP) requests received on VXLAN tunnel endpoint (VTEP) might not forward to customer edge (CE) side or Proxy ARP role on VTEP might not work properly. This issue could happen when knob 'no-arp-suppression' is disabled under EVPN instance combined with static VXLAN implementation. Please refer to workaround provided when this issue hit.
PR Number	Synopsis	Category: Bi Directional Forwarding Detection (BFD)
1453705	On the MX2010 Series routers, the BFD session on the IS-IS step up flaps during the ISSU - FRU upgrade stage. Product-Group=junos	Bfd session flaps during ISSU only in mpc7e card(Bfd sessions from other cards of DUT to peer routers did not flap during ISSU). Issue is not seen frequently.
PR Number	Synopsis	Category: EVPN Layer-2 Forwarding
1526642	The mac-ip table is not clean after clearing MAC table for MH host connecting to CRB leaf Product-Group=junos	Clearing MAC routes results in triggering corresponding MAC+IP refresh requests. And if there is no response received for these requests, MAC+IP routes are deleted along with MAC route. At times, these MAC+IP refresh triggers (rearp) is not issued causing MAC+IP routes to stay even though MAC routes are deleted and CE device is not reachable. In such cases, MAC+IP clear can be issued for those macs and clear those MAC+IP routes.
PR Number	Synopsis	Category: Express PFE CoS Features
1545046	Microburst absorption limitation on QFX5K Product-Group=junos	QFX5120 has 32MB shared-buffer to absorb the bursty traffic. Multicast traffic can use maximum ~5 MB shared buffer as per default config. Any multicast burst more than 5MB size will get tail dropped due to buffer exhaustion. Multicast shared buffer partition size can be increased using "shared-buffer" CLI configuration. Refer below document for more information on shared buffer fine tuning on QFX5K platforms. https://www.juniper.net/documentation/en_US/junos/topics/concept/cos-qfx-series-buffer-configuration-understanding.html
PR Number	Synopsis	Category: Express PFE including evpn, vxlan
1548740	EVPN-VXLAN: After 12hr of longevity with events, L3 traffic with destination to local host is dropped Product-Group=junos	EVPN-VXLAN: After 12hr of longevity with events, L3 traffic with destination to local host is dropped
PR Number	Synopsis	Category: Express PFE L2 fwding Features
1454274	After changing the vlan name on trunk interface, local host mac learning will be hold for more than 30 seconds Product-Group=junos	After changing the vlan name on trunk interface while port is receiving continuous traffic for that vlan, local host mac learning will be hold for more than 30 seconds. In case of trunk port, when vlan name is changed, bridge domain entry is deleted from HW and new entry gets installed in HW. In meantime when new entry is yet to be installed in HW, port keeps receiving traffic for that vlan and learn source mac and notifies to PFE with old bridge domain id. PFE sw upon receiving this mac drops it as bridge domain and port mapping will not be present in Sw which is a must criteria for a Source mac received on an bridge domain. Once PFE drops the mac, upper layers (L2ALD) does not get this mac info and aging thread marks the hash index in HW as stale. Until that hash index is not cleared in Hw, same Source mac cannot be learnt on the same hash index. Ageing thread periodically scans one mac table out of 4 tables at a time in intervals of 10 seconds and checks for stale entries and clear the HW hash stale entry, and this time is almost 40-50 seconds based on the number of PFE chips in a FPC. In case of Access port, default bridge domain is installed in HW to receive untagged traffic and does not get deleted while changing vlan name associated to that access port. So this issue is not seen for access port.
PR Number	Synopsis	Category: Microkernel for neo mpc
1538131	JDI-RCT:M/Mx: NPC crashed @ cmtfpc_mic_neo_state_check (mic_env=< optimized out>, mic_slot=< optimized out>) at ../../../../src/pfe/common/applications/cmt/jam/cmtfpc_pic_npc_jam.c:4808 Product-Group=junos	This issue is due to Thread hogging for 2.5s after ISR registration during ISSU done phase causing a core at FPC. FPC will get rebooted with ISR registration again during normal init. This issue is specific to "3D 20x 1GE(LAN)-E,SFP" and "3D 20x 1GE(LAN)-EH,SFP" MIC types.
PR Number	Synopsis	Category: FreeBSD Kernel Infrastructure
1544222	recovery snapshot creation fails for lack of space Product-Group=junos	Power loss during software install can leave artifacts that consume space. These need to be included in package cleanup procedure.
PR Number	Synopsis	Category: JUNOS Network App Infrastructure (for ping, traceroute, etc)
1463622	The cosmetic error messages of NTP time synchronization might be seen during device booting Product-Group=junos	In NTP with the boot-server scenario, when the router or switch boots, the NTP daemon sends ntpdate request to poll the configured NTP boot-server to determine the local date and time. If the ntpdate is not activated correctly while the device is booting, the ntpdate might not work successfully. Then, some cosmetic error messages of time synchronization might be seen, but there is no impact with time update because the NTP daemon will update the time eventually.
1474791	JDI-RCT:M/Mx: errors @ sendto/sendmsg(10.50.36.33): No error: 0, no server suitable for synchronization found during reboot/ISSU Product-Group=junos	Error might be seen upon rebooting because in some cases ntpdate may not be able to reach the boot-server. But this will not impact the time update because ntpd will update the time eventually.
PR Number	Synopsis	Category: PTP related issues.
1514066	Sometimes external 1 pps cTE is slightly above Class B requirement of the ITU-T G.8273.2 specification. Product-Group=junos	On some boot, External 1PPS may see upto 22ns cTE, while the 2way TE stays within 20ns.
PR Number	Synopsis	Category: QFX L2 PFE
1535555	[evpn_vxlan] [default_switch_instance] PFE error message is seen in BRCM-VIRTUAL,brcm_virtual_tunnel_port_create() ,489:Failed NW vxlan port token(45) hw-id(7026) status(Entry not found) Product-Group=junos	On a QFX5110 or 5120, when the Type 5 tunnels are destroyed, sometime we can see error messages "brcm_virtual_tunnel_port_create() ,489:Failed NW vxlan port token(45) hw-id(7026) status(Entry not found)". There is no functionality impact due to this.
PR Number	Synopsis	Category: QFX EVPN / VxLAN
1545517	TPI-77795:20.2: BD creation failed for few vlans while switching from script config to profile config Product-Group=junos	When the VxLANs are scaled to 4k and we try to load directly another set of 4k vxlans by replacing the existing 4k vxlans, sometimes there could be some vxlan creation failures. this is only seen once in multiple tries.
1550279	EVPN_VXLAN:BUM Loop occurred while modify VNI in l2-broadcast Product-Group=junos	EVPN_VXLAN:BUM Loop occurred while modify VNI in l2-broadcast
1550305	EVPN_VXLAN : Traffic not load balanced by QFX10002 over ESI links with evpn_vxlan configured Product-Group=junos	EVPN_VXLAN : Traffic not load balanced by QFX10002 over ESI links with evpn_vxlan configured
PR Number	Synopsis	Category: MPC7/8/9 Interface Issues
1473280	The following error message might appear: Failed to complete DFE tuning. This error message has no functional impact and can be ignored. Product-Group=junos	Even with the fix for PR 1463015, the "Failed to complete DFE tuning" syslog may appear. This message has no functional impact and can be ignored.
PR Number	Synopsis	Category: ZT/YTpfe bridging, learning, stp, oam, irb software
1435855	Layer 2 over GRE is not supported in Junos OS Release 19.3R1. Even though, the configuration gets committed, the feature does not work. Product-Group=junos	On MPC10E 3D MRATE-15xQSFPP, L2 over GRE is not supported. Although the configuration gets committed, the feature does not work.

First publication 2020-12-11